During my work as an IT Consultant, I frequently use PowerShell scripts to connect to Azure, Microsoft 365 or Microsoft Graph. When these scripts run automated on servers or in Azure Automate, I often use certificates for authentication. Creating these App Registrations in the Entra ID portal is not very convenient.
I have used scripts before to create these App Regs. You might have seen it in my PSRoomSigning solution.
This script is a very complete App Reg Manager.
Features:
- Create a new App Registration in Microsoft Entra ID with a new self-signed certificate.
- Delete App Registrations in Microsoft Entra ID (multi select supported).
- Report App Registrations with certificates/secrets that are expired or about to expire (export2csv).
- Report API permissions or Role Permissions on App Registrations (export2csv).
- Create a new self-signed certificate and add it to an existing App Registration (one that is about to expire).
- You can choose how long the certificate is valid in days.
- After creation it exports the certificate into a PFX file.
- After creation it exports sample PowerShell code to use the new App Registration in PowerShell.
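The expiry report in the feature list can be approximated as follows. This is an added example, not code from the App Reg Manager script; the function name `Get-AppCredentialExpiry`, its `-WarningDays` and `-Now` parameters and the sample apps are assumptions made for illustration.

```powershell
# Added example; not part of the App Reg Manager script.
function Get-AppCredentialExpiry {
    [CmdletBinding()]
    param(
        # Objects shaped like Get-MgApplication output.
        [Parameter(Mandatory, ValueFromPipeline)]
        [object[]]$Application,
        [int]$WarningDays = 30,                        # assumed warning window
        [datetime]$Now = (Get-Date).ToUniversalTime()  # Graph returns UTC timestamps
    )
    process {
        foreach ($app in $Application) {
            foreach ($kind in 'KeyCredentials', 'PasswordCredentials') {
                foreach ($cred in @($app.$kind)) {
                    if ($null -eq $cred -or $null -eq $cred.EndDateTime) { continue }
                    $daysLeft = [math]::Floor(($cred.EndDateTime - $Now).TotalDays)
                    if ($daysLeft -gt $WarningDays) { continue }  # not yet in the window
                    [pscustomobject]@{
                        DisplayName = $app.DisplayName
                        AppId       = $app.AppId  # client ID used to sign in
                        ObjectId    = $app.Id     # directory object ID, a different value
                        Type        = if ($kind -eq 'KeyCredentials') { 'Certificate' } else { 'Secret' }
                        KeyId       = $cred.KeyId
                        EndDateTime = $cred.EndDateTime
                        DaysLeft    = $daysLeft
                        Status      = if ($daysLeft -lt 0) { 'Expired' } else { 'Expiring' }
                    }
                }
            }
        }
    }
}

# Constructed sample data (not real apps, IDs or keys).
$now  = [datetime]::new(2024, 6, 1)
$apps = @(
    [pscustomobject]@{ DisplayName = 'Sample-Backup-Job'; AppId = '11111111-1111-1111-1111-111111111111'; Id = 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa'
        KeyCredentials      = @([pscustomobject]@{ KeyId = 'k1'; EndDateTime = $now.AddDays(-10) })
        PasswordCredentials = @([pscustomobject]@{ KeyId = 's1'; EndDateTime = $now.AddDays(12) }) }
    [pscustomobject]@{ DisplayName = 'Sample-Reporting'; AppId = '22222222-2222-2222-2222-222222222222'; Id = 'bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb'
        KeyCredentials      = @([pscustomobject]@{ KeyId = 'k2'; EndDateTime = $now.AddDays(400) })
        PasswordCredentials = @() }
)
$apps | Get-AppCredentialExpiry -Now $now | Sort-Object DaysLeft |
    Format-Table DisplayName, Type, DaysLeft, Status

# Against a tenant (needs a connected session with Application.Read.All):
#   Get-MgApplication -All | Get-AppCredentialExpiry | Export-Csv .\expiring.csv -NoTypeInformation
```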
Requirements:
- Runs on PowerShell (only tested on Windows)
- Uses Microsoft Graph PowerShell module (https://learn.microsoft.com/en-us/powershell/microsoftgraph/installation?view=graph-powershell-1.0)
- Needs a Global Admin account or (….)
Installation:
- Install the required PowerShell module: Install-Module -Name Microsoft.Graph
- Extract the ZIP file to a scripts folder, e.g. “c:\scripts\appregmgr”
- Execute the script.
You can download the second (v2) version here.
.REVISIONS
2024_v02 – Update, Object ID instead of AppID was exported. Fixed.
2024_v01 – first release